AADDS makes it possible to run your Active Directory entirely from Azure without Windows Server Domain Controllers. As someone who has spent most of his career working with and specialising in AD, I really welcome this. I have wanted for many years to be able to separate AD from the Windows Server OS as I have always been in organisations where Design and Operations of AD was bundled either into the Windows server Team cos, y”know, its installed in Windows, or bundled into the Exchange Team cos, y’know, AD is just a prerequisite for Exchange.

Active Directory is a core technology in its own right and belongs in the Identity & Security space within an organisation. This change allows the decoupling from Windows, etc. to happen and Microsoft are clearly showing that separation.

I haven’t delved too much into this or how it works yet, I imagine it to be similar to the way RemoteApp or Cloud Service Web/Worker roles work under the hood, but anything is possible in Azure so I could be wrong, looking forward to diving deep though!